seeing is believing
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-01-25

Red Hat Security Advisory 2016-0064-01
Posted Jan 25, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0064-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-0728
MD5 | 59ced89dc158c0766a0fd79a5735974c
Lenovo ShareIT Information Disclosure / Hardcoded Password
Posted Jan 25, 2016
Authored by Core Security Technologies, Ivan Huertas | Site coresecurity.com

Lenovo ShareIT suffers from hard-coded password, information exposure, missing encryption, and missing authorization vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2016-1489, CVE-2016-1490, CVE-2016-1491, CVE-2016-1492
MD5 | 498b12c9f26fa23e69a5e2b0a2958b51
Android ADB Debug Server Remote Payload Execution
Posted Jan 25, 2016
Authored by joev | Site metasploit.com

This Metasploit module writes and spawns a native payload on an android device that is listening for adb debug messages.

tags | exploit
MD5 | d77551f4825f1ed6b1e204c89bc09c85
Debian Security Advisory 3452-1
Posted Jan 25, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3452-1 - "DrWhax" of the Tails project reported that Claws Mail is missing range checks in some text conversion functions. A remote attacker could exploit this to run arbitrary code under the account of a user that receives a message from them using Claws Mail.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2015-8614
MD5 | 249bc5eac06559765f2f4a8879806c46
Red Hat Security Advisory 2016-0063-01
Posted Jan 25, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0063-01 - The Network Time Protocol is used to synchronize a computer's time with a referenced time source. It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to modify the time on the client. All ntp users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the ntpd daemon will restart automatically.

tags | advisory, remote, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-8138
MD5 | b8413210e1542e41539145b7f893ced1
PHP FastCGI Process Manager (FPM) SAPI Memory Leak / Buffer Overflow
Posted Jan 25, 2016
Authored by Imre Rad

PHP-FPM suffered from memory leak and buffer overflow vulnerabilities in the access logging feature. The fixed versions of PHP are 5.5.31, 5.6.17, and 7.0.2.

tags | advisory, overflow, php, vulnerability, memory leak
MD5 | 944d9a43e37f1ce26917b2cf0a973874
PHP LiteSpeed suEXEC_Daemon Secret Disclosure
Posted Jan 25, 2016
Authored by Imre Rad

In suEXEC_Daemon mode of the LiteSpeed web server spawns one PHP master process during startup. It is running as root and accepts LSAPI requests, which in turn specify what user under the script should run. The LSAPI request is authenticated with a MAC, which is based on pre-shared random key between the the PHP and the web server. The researchers found that the Litespeed PHP SAPI module did not clear this secret in its child processes so it was available in the PHP process memory space of the child processes. The fixed versions of PHP are 5.5.31, 5.6.17, and 7.0.2.

tags | advisory, web, root, php, info disclosure
MD5 | d25313bc2ac96b7c25905a3525cc4e8e
pfSense Firewall 2.2.5 Cross Site Request Forgery
Posted Jan 25, 2016
Authored by Aatif Shahdad

pfSense Firewall version 2.2.5 cross site request forgery exploit.

tags | exploit, csrf
MD5 | ca94da039d14675e106a05d46493ce2a
Linux Kernel prima WLAN Driver Heap Overflow
Posted Jan 25, 2016
Authored by Shawn the R0ck

The Linux prima WLAN driver suffers from a heap overflow vulnerability.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-0569
MD5 | ddc9943eb7a25ab66bdbdc672252feb9
WordPress Appointment Booking Calendar 1.1.23 SQL Injection
Posted Jan 25, 2016
Authored by Joaquin Ramirez Martinez

WordPress Appointment Booking Calendar plugin versions 1.1.23 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 598fbbaed428150cfe7361ebe978d468
Linux x86_64 xor/not/div Encoded execve Shellcode
Posted Jan 25, 2016
Authored by Sathish Kumar

Linux x86_64 xor/not/div encoded execve shellcode.

tags | shellcode
systems | linux
MD5 | 881c536a86fe08776243fdb07dbfdf76
FreeBSD SCTP ICMPv6 Denial Of Service
Posted Jan 25, 2016
Site ptsecurity.com

FreeBSD suffers from an SCTP ICMPv6 error processing denial of service vulnerability.

tags | exploit, denial of service
systems | freebsd, bsd
advisories | CVE-2016-1879
MD5 | eb3cb9e922b8db018b68af99a333b2b9
Buffalo NAS Remote Shutdown
Posted Jan 25, 2016
Authored by Zemnmez

Buffalo NAS devices suffer from a remote shutdown / denial of service vulnerability.

tags | exploit, remote, denial of service
MD5 | 376d0d3afacf6ef07995644a1d28506d
Revive Adserver 3.2.2 Open Redirect
Posted Jan 25, 2016
Authored by Ehsan Hosseini

Revive Adserver version 3.2.2 suffers from an open redirection vulnerability.

tags | exploit
MD5 | d4c7aa79c709e73b3415c48d14fa8089
DigiKala Of Iran Cross Site Scripting
Posted Jan 25, 2016
Authored by 4TT4CK3R

DigiKala of Iran suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 63b7117521bb1e3673e051bcb925bdb7
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close